Paul Ferguson on Mitigating DDoS Attacks with Ingress Filtering
I would consider ingress filtering to be Security 101, a security fundamental. If people cannot do the basic fundamentals of security then they are going to learn some very hard lessons.
Alpharetta, Georgia (PRWEB) July 01, 2014
ZCorum, a leading provider of managed broadband services and diagnostics, released a new installment in their Ask a Broadband Expert series entitled Mitigating DDoS Attacks with Ingress Filtering. The article features an interview with Internet security expert Paul Ferguson, who co-wrote BCP38, the Best Current Practices policy on the subject.
A Distributed Denial of Service attack occurs when someone spoofs or fakes the return IP address within a packet to be an address on an unrelated network they’ve targeted for the attack. The attacker uses a group of compromised machines to flood the spoofed IP address with return packets, and once that begins it can completely shut down the target network. BCP38 encourages Internet Service Providers and others who route packets for large groups of users to implement ingress filtering to prevent IP spoofing in order to keep their network from being used as part of an attack. The policy was documented by the Internet Engineering Task Force (IETF), a non-commercial, not-for-profit, non-governmental organization that develops and promotes internet standards.
In the article Ferguson explains why these attacks are becoming more prevalent, who is most likely to be targeted, and why service providers should implement anti-spoofing measures. He states, “I would consider this to be Security 101, a security fundamental. If people cannot do the basic fundamentals of security then they are going to learn some very hard lessons.”
According to Scott Helms, Vice President of Technology at ZCorum, the number of DDoS attacks has risen sharply in the last year and they are having a greater impact when they occur. “The attackers are now making use of protocols like UDP and NTP, and they are amplifying the attacks so it doesn’t take many compromised users to have a huge impact on their victim.” Helms participated in a webinar on BCP38 and DDoS attacks that ZCorum recently held for members of the National Cable Television Cooperative (NCTC).
About ZCorum
ZCorum provides managed broadband services and diagnostics solutions to cable companies, telephone companies, utilities, and municipalities, assisting in all aspects of broadband implementation, engineering and consulting, bandwidth management, network monitoring and diagnostics. ZCorum also offers wholesale, private-labeled Internet services, including data and VoIP provisioning, email, Web hosting, and 24x7 support for end-users, enabling service providers to compete more effectively in their local markets. ZCorum is headquartered in Alpharetta, GA. For more information, please visit http://www.ZCorum.com.